Uploaded image for project: 'Red Hat 3scale API Management'
  1. Red Hat 3scale API Management
  2. THREESCALE-7619

add OIDC to generate provider access token

    XMLWordPrintable

Details

    • Feature Request
    • Resolution: Not a Bug
    • Major
    • None
    • None
    • System
    • False
    • False
    • Not Started
    • Not Started
    • Not Started
    • Not Started
    • Not Started
    • Not Started
    • 0
    • 0% 0%

    Description

      at the moment provider access token is non expiring and given the risk associated with it, it could leak and lead to serious consequence (especially if it is a token used for deployment purposes).

      One solution could be implementing expiry of such token, while a better one could be adding OIDC support to provider access token, so that the IDP provides the needed expiry and validation rules.

      Attachments

        Activity

          People

            Unassigned Unassigned
            lucamaf Luca Mattia Ferrari
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: